Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

TS Gateway and OWA on different servers requiring port 443 with 1 public IP

Posted on 2008-10-27
4
Medium Priority
?
1,484 Views
Last Modified: 2012-06-27
I have a network with an SBS 2003 Server that hosts OWA and some other websites that accept port 443 traffic.

I want to trial Windows 2008 TS Gateway to allow easy remote access to terminal services. I have a new 2008 virtual server set up with just what is needed for the TS Gateway service. This install was easy, but it seems I need port 443 going to this server. How can I separate the traffic for one server from that for the other?

More on the network:  There is a single public IP address that goes through a PIX Firewall and redirects to the SBS server. The SBS server has ISA 2004 installed, but the server has been set up to team the network cards (I assume for redundancy) and so ISA pretty much functions as a web cache.
0
Comment
Question by:littlehogarth
  • 2
  • 2
4 Comments
 
LVL 58

Expert Comment

by:tigermatt
ID: 22823779

The only way in which I can foresee you being able to do this would be to use a differnet port number externally (say 445), which maps internally to port 443. This would be a change you'd have to make in the PIX Firewall configuration.

I would probably make the change so that:

-Port 445 (external) is open to port 443 (internal) - IP: SBS Server
-Port 443 (external) is open to port 443 (internal) - IP: 2k8 TS Gateway server

That's the only easy way by which this would be possible.

-tigermatt
0
 

Author Comment

by:littlehogarth
ID: 22827403
Yes thats what I thought.

As I believe the RDP client settings for TS Gateway cannot take a port value and so is locked to using 443. Could change the other web server, but have found some posts saying changing OWA can cause issues, plus the whole benefit of having only needing 443 open is lost.

My other thought was just manning up and getting an additional IP. Do you know if two IPs use the same modem?
0
 
LVL 58

Accepted Solution

by:
tigermatt earned 2000 total points
ID: 22829223

You could ask your host regarding two IPs, but yes, you should be able to plug them into your firewall just fine.

-tigermatt
0
 

Author Closing Comment

by:littlehogarth
ID: 31510635
Thanks Tigermatt, I just didn't want to get a second IP if there was another simple way to manage this.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question